Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 313a8d4eef9bbf733ec4b5c07f14aaa746aa50fb / . / deployment / deploy-over-testbed.md
blob: d7b31ac44f35236016d60066b8cac1e52c2747be [file] [log] [blame] [view]
Zhiyi Zhang3aaf06d2020-10-17 13:05:36 -0700[diff] [blame]1# Deploy NDNCERT v0.3 over testbed
2
3Three steps:
4
5* Deploy root CA `/ndn` by setting up the NDNCERT CA configuration and run NDNCERT service
6* At each site server, run NDNCERT client command line tools to get certificate issued by `/ndn` using the PIN code challenge, set up the CA configuration and run NDNCERT CA service.
7* Update the `/ndn`'s configuration file and restart the service.
8
Zhiyi Zhang3aaf06d2020-10-17 13:05:36 -0700[diff] [blame]9## Step 1
10
11```bash
tylerliub7083bd2020-10-17 20:42:14 -0700[diff] [blame]12sudo ./deploy.sh
Zhiyi Zhang3aaf06d2020-10-17 13:05:36 -0700[diff] [blame]13```
14
15## Step 2
16
Zhiyi Zhang633c5bf2020-10-17 16:28:05 -0700[diff] [blame]17On each site:
18
19```bash
20ndncert-client
21```
22
23```bash
tylerliub7083bd2020-10-17 20:42:14 -0700[diff] [blame]24sudo ./deploy.sh
Zhiyi Zhang633c5bf2020-10-17 16:28:05 -0700[diff] [blame]25```
26
27```bash
28ndnsec-dump-certificate XXX
29```
30
31## Step 3
Tianyuan Yu313a8d42020-10-17 21:39:15 -0700[diff] [blame^]32Stop NDNCERT CA
33```bash
34sudo systemctl stop ndncert-ca
35```
Zhiyi Zhang633c5bf2020-10-17 16:28:05 -0700[diff] [blame]36
Tianyuan Yu313a8d42020-10-17 21:39:15 -0700[diff] [blame^]37Update CA configuation file ``ca.conf`` with the output certificate just get:
38Inside ``ca.conf``, site CAs are configured by sections below:
Zhiyi Zhang633c5bf2020-10-17 16:28:05 -0700[diff] [blame]39
Tianyuan Yu313a8d42020-10-17 21:39:15 -0700[diff] [blame^]40```
41 "redirect-to":
42 [
43 {
44 "ca-prefix": "/example/site1",
45 "certificate": "Bv0CvQcwCAdleGFtcGxlCAVzaXRlMQgDS0VZCAh6af3szF4QZwgEc2VsZggJ/QAAAXT6+NCKFAkYAQIZBAA27oAV/QEmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43hjZT0HUFFJcqwj8lZnd/vg0NrzqvZ4jhsq1c+nv6J3Huc9Uq5jRZwhFQ8nBWT3CeFScO5FUQfNXDIDncZ4vYPFEnockOFVtvmKQ/ELwReUvjH80d1NPGrIVrD0lMRpv2sFr6NW2p7aw6bCSj3OJq7H/+QHDkAryssMZyHwTbPzMZHyYKmxR68CyCCpvLlgp8tYFT+cCrOc3lz3nROK3VFR+apgwubpvl8nbKD10QLcgMHSkLoLEy/Ksq8OH7MQhUEZDjLk/zL9baZ7MiKXtdUZCNTZk13y5z+4aT4TqumLB+obiDXmv6JAi+CkYIMf2ck2IvMV6JgxxIlv3+Ke2wIDAQABFlAbAQEcIQcfCAdleGFtcGxlCAVzaXRlMQgDS0VZCAh6af3szF4QZ/0A/Sb9AP4PMTk3MDAxMDFUMDAwMDAw/QD/DzIwNDAwOTMwVDIyNTQwNBf9AQCCSXOqUX40mAIdKCa+nnfJCGZbNowQPJp5kDnyolj5/Ek9x8czyLcX58xTsgYtiPmL5DxMgkRujRJu9INm0pUJIJRlsqhDOwsrxIjlSgwy5AeexYe7SM3rSwljLxTR4MfBw26pym9iYt8ovHXotCDE+etyKwHzXoOgzxORoPXqBGwobNOPnhDfpzHQBFOrPd8qqLAGioNNk/k2U/uyvBbLoZS4ScNVJpfbcvcmzu/A8H/VyT4234LrlISL9WpWlO8J18yzhrXchFR0ZwCoYge5rLZ4vsQhY1WqXHCsYnRa3la6Txz44EWYEBpmk12qnkPt06KAPvQ82N1CICxFb9NY"
46 }
47 ]
48```
Zhiyi Zhang633c5bf2020-10-17 16:28:05 -0700[diff] [blame]49
Tianyuan Yu313a8d42020-10-17 21:39:15 -0700[diff] [blame^]50Replace the ``ca-prefix`` and ``certificate`` in this example section with the ones in your case.
51
52Start NDNCERT CA
53```bash
54sudo systemctl start ndncert-ca
55```